Coveo for Sitecore v3 Rest API Impersonate User

Hi,

I'm new to Coveo for Sitecore and I was wondering if someone could help me with the following:

How do I configure the Coveo for Sitecore v3 (Sitecore 7.2) Rest API queries to run as a particular user? Either all of the time or using impersonation. Currently when I include the debug=1 parameter in the URL I get that the query is being run as the extranet\\Anonymous user and I'd like it to be run as either extranet\\CoveoSearch or sitecore\\Coveo search (a new user that I will set up in Sitecore). Can anyone point me in the right direction?

1 Reply

Coveo for Sitecore will, by default, send the search queries with the identity of the currently logged user as reported by the Sitecore API to honor all the security set on the Sitecore items. If the user can't browse to a specific page because of security restrictions, he won't have access to this page in the search results either.

That being said, this logic can be extended to change and even add identities to the search queries with processors in the getSearchUserIdentities pipeline defined in the Coveo.SearchProvider.Rest.config file.

A processor in this pipeline will receive in parameter, the list of identities added by Coveo for Sitecore and the previous processors. So you have control whether to delete existing ones, change them or simply add additional ones.

Alternatively, you can set the domain of your "website" <site> in the Sitecore configuration to be "extranet" or "sitecore" and set this domain's anonymousUserName to "CoveoSearch" (a new user) in the Domains.config file.

I hope this helps you understand the security mechanism of Coveo search queries and achieve your goal.

Thanks for the quick response. The REST endpoint pipeline code seems like the thing I need. One additional questions though. Where is the GetSearchUserIdentitiesArgs class defined? I've added a reference to Coveo.SearchProvider.Rest but no luck.